Detection, differentiation and localization of replay attack and false data injection attack based on random matrix

Replay attack and false data injection attack (FDIA) are two common types of cyber-attacks against supervisory control and data acquisition systems, aiming to disrupt the normal operation of the power system by falsifying meter measurements. In this paper, we propose a systematic methodology to defend against hybrid attacks that combine replay attack and FDIA. Specifically, we propose a detection method applying random matrix theory to: (1) detect the hybrid attack on static state estimation, and (2) distinguish FDIA from replay attack as well as localize falsified measurements. Firstly, short-term forecast on load and renewable power generation is conducted to obtain the predicted measurements. Secondly, random variables are calculated by differentiating the forecasting measurements and real-time measurements. A random matrix is consequently constructed with the above random variables. Thirdly, hybrid attacks are detected by the changes of the linear eigenvalue statistics of the random matrix obtained by the sliding time window. More importantly, a novel multi-label classifier to distinguish replay attack from FDIA is designed to localize FDIA by combining SVD decomposition and eigenvalue analysis with convolutional neural network (SVD-CNN). Finally, comprehensive simulations on the IEEE 14-bus system and IEEE 57-bus system are provided to validate the performance of the proposed method. It is shown that the proposed detection method has strong detection ability by filtering measurement noise. Moreover, the proposed SVD-CNN improves the accuracy in FDIA localization.


FDIA and replay attack model
The measurement model of the power system used in this paper is based on the DC power flow equation given by where $x = [x_1, x_2, \ldots, x_n]^T \in \mathbb{R}^n$ represents the state variables, i.e., the bus phase angles; $z = [z_1, z_2, \ldots, z_m]^T \in \mathbb{R}^m$ are the measurements, namely, the active power injection of buses and the branch flows; $H = (h_{i,j}) \in \mathbb{R}^{m \times n}$ is the Jacobian matrix of power flow equations; $e = [e_1, e_2, \ldots, e_m]^T \in \mathbb{R}^m$ represents measurement errors.

FDIA model
Based on 6, the falsified measurement can be represented by

$$z_a = z + a = z + Hc,$$

where $a$ is the inserted bias; $c$ represents the expected state change caused by the inserted measurement bias. In other words, the following equation holds, Once the condition $a = Hc$ holds, the pair $(x_a, z_a)$ will pass BDD. It is noted that to successfully construct FDIA, the attackers need to know at least part of the topology information (namely the elements of $H$) of the power grid 25.

Replay attack model
Different from FDIA, the replay attack is not dependent on the information of $H$. By contrast, it is assumed that the attacker can access the historical measurements and can falsify all the real-time measurements with historical measurements.
Suppose the replay attack is launched at time interval $t$. The real-time measurements are falsified by where $z_{a,t}$ represents the falsified real-time measurement at time interval $t$; $z_{t-\Delta t}$ is the historical measurement at time interval $t - \Delta t$. Obviously, after static state estimation, the real-time state will be equal to the state at time interval $t - \Delta t$. Therefore, the equivalent inserted measurement bias is given by In the above equation, $z_t$ is the correct measurement at time interval $t$. Accordingly, the falsified state variable is given by where $x_{a,t}$ represents the falsified real-time state variable; $x_{t-\Delta t}$ is the state variable at time interval $t - \Delta t$. Apparently, if $(x_{t-\Delta t}, z_{t-\Delta t})$ can pass BDD, $(x_{a,t}, z_{a,t})$ after the replay attack can also pass BDD.

Basics of random matrix theory and linear eigenvalue statistics
Our proposed detection method for hybrid attacks is based on RMT. Therefore, for the sake of self-containedness, the fundamental concepts of RMT and linear eigenvalue statistics are briefly introduced as follows.

Marchenko-Pastur law
Marchenko-Pastur Law (M-P Law) is a basic theorem in RMT, describing the asymptotic behavior of singular values of large rectangular random matrices. Let us consider a Hermitian matrix $M$ whose entries are i.i.d. with zero mean and bounded variance $\sigma^2$. When the number of rows $N$ and the number of columns $T$ tend to infinity with a fixed ratio $s = N/T \in (0, 1]$, the empirical spectrum density (ESD) of the corresponding sample covariance matrix converges to the distribution represented as the following function where $a = \sigma^2 (1 - \sqrt{s})^2$, $b = \sigma^2 (1 + \sqrt{s})^2$. For a matrix of a finite size (e.g., with tens to hundreds of rows and columns), Eq. (7) also holds with high accuracy 23. As shown in Fig. 1, the ESD converges to the theoretical curve of M-P law when $N = 200$ and $T = 400$.

Linear eigenvalue statistics
According to M-P law, we can construct a test statistic by utilizing the eigenvalues of matrix , without making restrictive assumptions about the distribution of elements in matrix $M$ to obtain the exact distribution of this statistic 26. Linear Eigenvalue Statistics (LES) $\tau$, defined by the continuous test function $\phi$: 27,28, is given by where i is the i-th eigenvalue of . Since each of i ( ), $i = 1, 2, \ldots, N$ is a complex function of matrix , $\tau$ is also a random variable concerning the sum of the function $\phi$ of . Various test functions are proposed in 23 as follows.
In case that the elements of $M$ are independent and identically distributed, the probability density function distribution of is quite stable. So i.i.d. noise will not cause significant changes in the constructed LES. Therefore, using the random matrix-based LES to analyze time series data can effectively differentiate signals from Gaussian noise, enabling the detection of cyber attacks.

Detection, differentiation and localization of hybrid attack
We propose a comprehensive methodology shown in Fig. 2 to detect, differentiate and localize replay attack and FDIA.
(1) Forecast. By conducting load forecasting, renewable power generation forecasting and power flow calculation, predicted measurements $z'$ are obtained.
(2) Detection. If no bad data are detected by BDD, real-time measurements $z$ will be sent to detection module based on measurements $z'$ to detect hybrid attack.
(3) Differentiation and localization. Once a hybrid attack is detected, $z$ will be sent to the differentiation and localization module, aiming to identify the type of hybrid attack and further localize the attack if confirmed as FDIA.
In the subsequent sub-sections, we elaborate the models and algorithms for forecasting, detection, differentiation and localization, respectively.

Short-term load forecasting and renewable power generation forecasting
It is critically important to improve the accuracy of the load forecast and renewable generation forecast, to achieve the effectiveness of the proposed detection method. In this paper, we apply the widely-used machine learning models to conduct day-ahead load forecast and renewable generation forecast, which are regarded as the ground truth for detection of hybrid attacks.
For day-ahead load forecast, we apply Random Forest (RF) and Long-short Term Memory (LSTM) neural network to construct an ensemble learning model with better performance. These methods have been widely used in forecasting 29,30. Specifically, we generate a training set by selecting similar days based on the weather and the trend of load changes. Then predicted power loads are obtained by these two methods respectively. Finally, weights based on the errors during forecast of the two models are settled to combine the prediction results.
As for renewable power generation forecast, we focus on wind power generation forecast as an example, to keep the research scope manageable. Since the output of wind power is greatly influenced by speed and direction of wind, these two variables are selected as features to conduct the regression model. In this paper, a genetic algorithm optimized back propagation (GEN-BP) neural network is constructed for wind power generation forecast. The BP neural network has good performance in regression prediction, while optimizing the weight and bias using genetic algorithm can further improve forecasting performance 31.

Time-series analysis and detection
In this subsection, taking the predicted measurements as ground truth, we introduce the detection method based on RMT.
Suppose that the topology of the power system is fixed in a short time period. After achieving power loads and renewable power generation forecasting results, the predicted measurements of the power system can be obtained through power flow calculation. Then, we comprehensively scrutinize the deviation between actual measurements and predicted measurements and the chronological correlation of the measurements.
Let the deviation at T is a constructed random matrix with a sliding time window T. After standardizing each row of the constructed random matrix, the covariance matrix of M is calculated as follows.
By calculating the sum of a test function of the eigenvalues [ 1 , 2 , . . ., N ] of , we can obtain the test statistic, namely, the LES τ.
In order to analyze the time-series data, we need to obtain LES with dynamic changes over time. It is necessary to construct a series of random matrices at every time interval. To achieve the goal, the method of constructing a sliding time window is implemented. As shown in Fig. 3, a fixed-size time window slides over time and the last column of the matrix in the time window is the deviation of the current moment.
If there is no attack, the differences between predicted measurements and real-time measurements containing Gaussian noise are relatively small and LES changes insignificantly over time. If an attack occurs, the original distribution of the deviations in a time window changes, the temporal correlation of matrices at adjacent moments is broken, and LES fluctuates significantly. We propose a statistic indicator denoted by where $\tau_t$ and $\tau_{t-1}$ represent the LES at the moment $t$ and $t - 1$ respectively.
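The sliding-window detection described above, as an added example that is not the authors' code. Assumptions: the test function is $\phi(\lambda) = \lambda^2$ (the paper's test function 5 is not reproduced on this page), the indicator is taken as $|\tau_t - \tau_{t-1}|$, the threshold is the 95th percentile of attack-free values, and the 8-meter data with a replay starting at t = 300 is constructed.

```python
import math
import random


def standardize_rows(rows):
    """Scale each meter's row in the window to zero mean and unit variance."""
    out = []
    for row in rows:
        mean = sum(row) / len(row)
        std = math.sqrt(sum((v - mean) ** 2 for v in row) / len(row)) or 1.0
        out.append([(v - mean) / std for v in row])
    return out


def les(rows):
    """LES for the assumed test function phi(lambda) = lambda**2.

    For the symmetric covariance S = M M^T / T, the sum of squared eigenvalues
    equals trace(S^2), i.e. the sum of squared entries of S, so no eigensolver
    is needed. The value lies between N (uncorrelated rows) and N**2 (rank one).
    """
    m = standardize_rows(rows)
    t = len(m[0])
    return sum((sum(x * y for x, y in zip(a, b)) / t) ** 2 for a in m for b in m)


def delta_tau_series(deviations, window):
    """Return {t: |tau_t - tau_(t-1)|}; deviations[t] is the column z_t - z'_t."""
    taus = {}
    for t in range(window - 1, len(deviations)):
        cols = deviations[t - window + 1 : t + 1]  # last column = current moment
        taus[t] = les([list(r) for r in zip(*cols)])  # transpose to meters x time
    return {t: abs(taus[t] - taus[t - 1]) for t in taus if t - 1 in taus}


def threshold(dtau, calib_end, q=0.95):
    """eta = q-quantile of delta-tau over attack-free steps before calib_end."""
    clean = sorted(d for t, d in dtau.items() if t < calib_end)
    return clean[int(q * len(clean))]


def simulate(n_meters=8, steps=400, onset=300, lag=200, noise=0.01, seed=7):
    """Constructed data: shared load profile, exact forecast, Gaussian noise.

    From `onset` on, the received measurements are the ones recorded `lag`
    steps earlier (replay of historical measurements).
    """
    rng = random.Random(seed)
    scale = [0.5 + 0.2 * i for i in range(n_meters)]
    predicted = [
        [s * (1.0 + 0.3 * math.sin(2 * math.pi * t / 400)) for s in scale]
        for t in range(steps)
    ]
    actual = [[v + rng.gauss(0.0, noise) for v in col] for col in predicted]
    received = [actual[t - lag] if t >= onset else actual[t] for t in range(steps)]
    return predicted, received


def detect(predicted, received, window, calib_end):
    """Return (delta-tau series, eta, time steps whose delta-tau exceeds eta)."""
    deviations = [
        [z - zp for z, zp in zip(zc, pc)] for zc, pc in zip(received, predicted)
    ]
    dtau = delta_tau_series(deviations, window)
    eta = threshold(dtau, calib_end)
    return dtau, eta, [t for t in sorted(dtau) if dtau[t] > eta]


if __name__ == "__main__":
    predicted, received = simulate()
    # Window is twice the number of meters, as in the paper's setup.
    dtau, eta, alarms = detect(predicted, received, window=16, calib_end=250)
    print(f"eta={eta:.2f}  delta_tau at replay onset (t=300)={dtau[300]:.2f}")
    print("alarms from t=250 on:", [t for t in alarms if t >= 250][:10])
```

A percentile threshold accepts a few false alarms on clean data by construction; raising `q` trades them against sensitivity to low-amplitude attacks.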

Differentiation and localization
In this subsection, we investigate the differentiation and localization method based on multi-label CNN and the proposed detection method in "Section Time-series analysis and detection".

Construction of location indicator
To improve the accuracy of FDIA localization, we construct a location indicator based on SVD decomposition and eigenvalue analysis. In traditional localization methods based on multi-label classification, measurements are directly used as input for training and predicting. The challenges that limit the accuracy of localization are twofold.
(1) The significant differences in a meter at different moments reduce the effectiveness of training.
(2) The significant differences between different meters under one FDIA reduce the accuracy for identifying the compromised meters under low-amplitude attacks.
In response to challenge (1), by subtracting the real-time measurements from the predicted measurements, we set all normal measurements at the same level so as to highlight the compromised meter. Further in response to challenge (2), we propose a method to construct a location indicator based on the detection method in "Section Time-series analysis and detection" and matrix SVD decomposition to amplify the impact of FDIA on meters and utilize the indicator as input for CNN.
For a covariance matrix , we can decompose it as follows.
where v and u represent the left and right eigenvector matrix respectively, k denotes the kth eigenvalue while v k is the corresponding eigenvector.
The contribution of the i-th row of v to the eigenvalue k can be given by The detailed derivation from Eq. (12) to (13) can be seen in 24. We utilize the singular vector corresponding to the maximum singular value of constructed covariance matrix to construct the location indicator. The location indicator $l$ is given by where 1 is the maximum eigenvalue. Then $l$ of every measurement is set as the input for training and predicting of CNN.

CNN and label setting
In this subsection, we introduce the constructed multi-label CNN and label setting for differentiation and localization. The network structure of our constructed CNN is shown in Fig. 4. We denote the input (i.e., the location indicator), the labels (i.e., the meter compromised or not), the output (classification prediction of the CNN) as $l = (l_1, l_2, \ldots, l_n)$, $y = (y_1, y_2, \ldots, y_n)$ and $\hat{y} = (\hat{y}_1, \hat{y}_2, \ldots, \hat{y}_n)$, respectively. The label of meter $i$ is determined according to the following rule Considering that replay attacks can be seen as a special normal state, we denote the label as $y = (y_1, y_2, \ldots, y_n) = (0, 0, \ldots, 0)$ under replay attack. The output of CNN is continuous numbers around 0 and 1. We take the label closest to the output number as the output label. The pseudo code of detection is shown in Algorithm 1. It is recommended that the threshold $\eta$ is greater than 95% of $\Delta\tau$ based on the normal operation of the power system, by evaluating historical operating data. The pseudo code of differentiation and localization is shown in Algorithm 2.

Case studies
In this section, we evaluate the proposed defense methodology against replay attack and FDIA.

Experimental setup
Our experiments are conducted by MATLAB 2021b on a personal computer with 16GB RAM, Intel i5-10210U CPU, and a NVIDIA GeForce MX110 GPU. The sections of forecast and localization are based on the machine learning and deep learning toolbox, while the section of power flow calculation utilizes the MATPOWER toolbox. We first test and evaluate the effect of the detection method for replay attack and FDIA based on RMT through simulation experiments on the IEEE 14-bus system and IEEE 57-bus system. Then we verify the effectiveness of the proposed method of distinguishing replay attack from FDIA and the localization of FDIA.

Short-term load and renewable generation forecast
In this section, we test the forecasting method of the proposed prediction model.

General setup of dataset
(1) Load forecast. The load data comes from some regions in a certain province in southern China which can be found online at https://github.com/c1emon/BP_Neural_Networks_for_power_load_forecasting. We select historical load information from 10 similar days within a month as the training set to forecast the last day of the
(2) Renewable power generation forecast. Our data comes from a wind farm which can be seen in 32. Taking a time interval of 10 min, a total of 4320 sets of data from the first 30 days of the month are set as the training dataset. A total of 144 sets of data from the 31st day are set as test dataset for regression prediction.

Result of short-term load forecast
We compare the effectiveness of the proposed combination method for load forecast with that of using only a single model, for forecasting the load of the 6th column on the last day of January. The result of load forecasting is shown in Fig. 5.
The indexes mean absolute percentage error (MAPE) and root mean square error (RMSE) are used to evaluate the prediction results. The error results based on different models are shown in Table 1. It is obvious to conclude that the proposed combined forecast model based on LSTM-RF has lower forecasting error.

Result of short-term renewable power generation forecast
The result of wind power forecasting is shown in Fig. 6.
Considering that wind power generation output may occur around 0, using MAPE as an index to evaluate errors is no longer appropriate. Mean absolute error (MAE) and RMSE are utilized to evaluate the error instead. The error results based on different models for wind power forecast are shown in Table 2.
It is obvious that the GEN-BP model achieves better prediction accuracy due to the superior performance of the BP network in regression prediction and the optimization of initial weights and biases by GEN.

Case study 2: detection of hybrid attack
In this part, we study the performance of the proposed detection method in "Section Time-series analysis and detection" based on two aspects: the ability to detect hybrid attacks; the robustness to Gaussian noise.

General setup of dataset
On the IEEE 14-bus system, there are a total of 14 buses and 20 transmission lines, i.e., a total of 34 measurements. On the IEEE 57-bus system, there are 57 buses and 80 transmission lines, i.e., a total of 137 measurements. The measurements are the active power injection of buses and branch flows. After obtaining the predicted loads and predicted wind power generations within a day, in order to match the sampling time of the two results and simulate a higher signal sampling frequency to meet the needs of a larger sliding time window, we fill in the predicted loads and predicted wind power generations according to the principle of equal distance to achieve a set of sampling data per minute. Due to the time interval of 15 min for load forecasting, from 0:00 to 23:45 in a day, 1425 sets of data were obtained. To balance the size of the data for test, the first 1425 sets of wind power generations are taken. On the IEEE 14-bus system, we normalize the data from columns 2 to 11 on the last day of January and the data from columns 2 to 5 on the last day of February, and then multiply them sequentially by the active load demand of the bus foundation. On the IEEE 57-bus system, the data from columns 2 to 11 on the last day of January and from columns 2 to 8 on the last day of July are included. The wind power generation data are normalized and then scaled by the active power generation of the second bus of IEEE 14-bus system, and the first bus of IEEE 57-bus system, respectively. Afterward, we perform power flow calculations to obtain predicted measurements. Due to the fact that measurement errors are generally assumed to be Gaussian distributions, and to avoid the sparsity of the constructed matrix, we add Gaussian white noise with a mean of 0 and deviation of 1% to the measurements. We set the size of a time window twice the number of meters to construct a random matrix, i.e., $T = 68$ on the IEEE 14-bus system and $T = 274$ on the IEEE 57-bus system. The test function 5 in "Section Linear eigenvalue statistics" is selected to construct LES.

www.nature.com/scientificreports/

The construction of the attack is as follows:
1) replay attack: measurements from t = 1 min to t = 680 min are randomly selected as attack vectors to falsify real-time measurements from t = 700 min to t = 1300 min on the IEEE 14-bus system; measurements from t = 1 min to t = 580 min are randomly selected as attack vectors to falsify real-time measurements from t = 600 min to t = 1100 min on the IEEE 57-bus system.
2) FDIA: the attack vectors are constructed by Eq. (2). The number of targeted state variables follows a discrete uniform [2, 4] distribution on the IEEE 14-bus system and a discrete uniform [9, 11] distribution on the IEEE 57-bus system, with a state variation of a uniform [10%, 20%] distribution for each bus.

Detection for replay attack
To study the effectiveness of our proposed method for replay attack detection, we inject continuous historical measurements from t = 200 min to t = 300 min into measurements from t = 1100 min to t = 1200 min on the IEEE 14-bus system and historical measurements from t = 200 min to t = 300 min into measurements from t = 1000 min to t = 1100 min on the IEEE 57-bus system.
Figures 7 and 8 show the detection results on the IEEE 14-bus system and the IEEE 57-bus system, respectively. It is obvious that the curves of $\Delta\tau$ increase significantly at t = 1100 min and t = 1000 min (i.e., the moments that the attacks start) in the two figures, respectively. At t = 1269 min and t = 1375 min in Figs. 7 and 8 respectively, the sliding time windows completely slide out of the attacked time areas and $\Delta\tau$ regresses to a lower value and stays at a low level after a trough.
It is obvious that the constructed LES is very sensitive to replay attacks and we can detect replay attacks by the sudden increase of $\Delta\tau$. It is noted that due to the different size relationship between the sliding time window and attack duration, the trends of the curves in Figs. 7 and 8 are not the same, but this will not affect the real-time detection.
Further, to demonstrate the performance of our proposed detection method for filtering measurement noise, we set different detection methods for comparison. The comparable detection methods are set as follows:
(1) our proposed method based on prediction and LES (PD-LES);
(2) utilizing RMSE of the differences from predicted measurement and real-time measurement as the test statistic (RMSE-PD);
(3) utilizing the actual measurements to construct a random matrix and obtain LES as the test statistic (AM-LES).
We use receiver operating characteristic curve (ROC) to show the effectiveness. To ensure real-time detection, we focus on the detection effectiveness of the attack-launching moment. As the computational efficiency of detection shown in Table 3, the time for calculating $\Delta\tau$ is very short, which can meet the requirement of online detection. We repeat attacks for 1200 times on the IEEE 14-bus system while 500 times on the IEEE 57-bus system. Additionally, we add additional magnitudes of noise (Gaussian distribution with 0 mean and variance of 0.03, and 0.05 respectively) to imitate measurement errors. The ROCs of detection on the IEEE 14-bus system and IEEE 57-bus system are shown in Figs. 9 and 10 respectively. The detection rates at 0 false alarm rate for these 3 methods as the noise increases on the IEEE 14-bus system and IEEE 57-bus system are shown in Tables 4 and 5 respectively.
From Figs. 9 and 10, it is obvious that the detection rate of PD-LES is much higher than the other two methods, which means it is easy to choose a threshold to balance the false alarm rate and detection rate, so as to achieve a higher detection rate at low false alarm rate. More importantly, it is obvious that as the noise amplitude increases, the decrease of detection rate of RMSE-PD is larger than that of PD-LES and AM-LES. In other words, our proposed detection method based on RMT is robust by filtering measurement noise.
It can be seen that the LES of random matrix is very sensitive to the noise that converges to i.i.d., so it is equivalent to play a good role in filtering measurement noise. This can also explain the phenomenon that the decrease in detection rate is more affected by the increase of noise amplitude for RMSE-PD. Both PD-LES and AM-LES utilize RMT, while RMSE-PD does not. In addition, the detection rate of PD-LES is much better than AM-LES. This is because, as the power system operates dynamically, the distribution of real-time measurements within a sliding time window in AM-LES is more irregular, while the difference between predicted measurements and real-time measurements can be approximated as white noise, so the statistical pattern within a sliding window is more sensitive to a cyber attack, leading to enhanced detection accuracy. Hence, measurement forecasting is an essential aspect of our proposed approach. Furthermore, with the increase of the size of a time window, the distribution of data is more complex in a time window, which makes the detection effect of AM-LES on the IEEE 57-bus system worse than that on the IEEE 14-bus system.

Detection for FDIA
For FDIA, the detection rate is also quite high. Figure 11 shows the ROC of proposed method for FDIA detection under 0.05 noise. From the figure, it can be seen that even at high noise level, when the false alarm rate is equal to 0, the FDIA detection rate of our proposed method has reached over 94%. It is concluded that our proposed method can achieve high detection rate for FDIA, even given a small number of targeted states and small changes of state variables.

Case study 3: differentiation and localization
In this section, we study the performance of our proposed method in "Section Differentiation and localization" for differentiation and localization to validate the high sensitiveness to compromised meters of our constructed location indicator.

General setup of dataset
The construction of attack vectors is the same as that in "Section General setup of dataset" of "Section Case study 2: detection of hybrid attack". For CNN, we use the gradient descent algorithm to train the network, with 30 training samples each time. The total number of training times is 900. The learning rate is 0.01 and it becomes 0.005 after 400 times' training. We have constructed 3000 conventional FDIA samples and 3000 replay attack samples. After shuffling the sample order, we select 4500 samples as the training set and 1500 samples as the testing set.

Location indicator
The result of our proposed location indicator for FDIA is shown in Fig. 12 while the location indicator of the proposed method for replay attack is shown in Fig. 13. In Fig. 12, it can be seen that for the meters which are not attacked, the values of the indicators are very small. However, for the meters under attack, even for the meter with the lowest attack amplitude, the corresponding location indicator is far greater than that of the uncompromised meters. In this way, the differences between compromised meters and uncompromised meters are amplified. For replay attacks in Fig. 13, all measurements are attacked, which leads to the relatively centralized distribution of location indicators. Therefore, the classifier can easily differentiate between the two attack types by analyzing the variation in location indicator distribution.

Result of differentiation and localization
In our proposed model, the computational efficiency of differentiation and localization is shown in Table 6. In order to further validate the improvement of the proposed data processing method on localization performance, we set up a comparative experiment of CNN-based classification. Besides the traditional method using real-time measurements directly as input to CNN, we also use the difference between actual measurements and predicted measurements as input (DIF-CNN) for comparison. What's more, we compare CNN with a traditional machine learning method, decision trees with location indicator as input (SVD-DT), to demonstrate its superiority in classification performance. In order to utilize decision tree (a conventional method to solve the single-label multi-class problem) to solve the multi-label binary classification problem, inspired by 14, the multi-label dataset with $N$ binary labels is converted into a single-label dataset with $2^N$ categories. Due to the fact that some measurements are related and the number of targeted state variables is limited, there are still hundreds of categories on the IEEE 14-bus system after deleting the categories that have never appeared. On the IEEE 57-bus system, the number of categories is much more.
In this paper, we employ accuracy, precision, recall, and F1 of the predicted results to evaluate the performance of the classifiers. It is noted that the definitions of true positive (TP), false positive (FP), true negative (TN) and false negative (FN) for differentiation and localization are given in Tables 7 and 8, respectively. The evaluation indicators are defined in Eqs. (16), (17), (18) and (19) respectively. The differentiation and localization results on the IEEE 14-bus system are shown in Tables 9 and 10 respectively.
As can be seen in Table 9, in terms of the differentiation, by using the difference between the actual measurements and the predicted measurements as input for CNN, the four indexes enhance significantly to near 100%. Further using the location indicator readings as input, the improvement is little, and the gap between SVD-CNN and SVD-DT is not very large. The reason is that differentiating the type of attacks is a binary classification

$z_a = z + a = z + Hc,$

Figure 2. Proposed methodology for defending replay attack and FDIA.

Figure 3. The designed sliding time window.

Figure 7. Replay attack detection result on the IEEE 14-bus system.

Figure 8. Replay attack detection result on the IEEE 57-bus system.

Figure 9. ROC of different detection method on the IEEE 14-bus system.

Figure 11. ROC of proposed method for FDIA detection.

Table 1. Error results of load forecast.

Table 2. Error results of wind power forecast.

The time interval is 15 min, so there are 960 sets of data in each model's training set. The 96 sets of data on the day of prediction are set as the test set to verify the predicting results.

Table 3. Computational efficiency of detection.

Table 4. Detection rate on the IEEE 14-bus system.

Table 5. Detection rate on the IEEE 57-bus system.

Table 6. Computational efficiency of differentiation and localization.

Table 7. Definitions of TP, FP, TN and FN for differentiation.

Table 8. Definitions of TP, FP, TN and FN for localization.

Table 9. Results of differentiation on the IEEE 14-bus system.

Table 10. Results of localization on the IEEE 14-bus system.

Table 11. Results of differentiation on the IEEE 57-bus system.

Table 12. Results of localization on the IEEE 57-bus system.